1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 201:

    Which of the following statements are true regarding traffic accelerated by an NP processor? (Choose two.)

    A. TCP SYN packets are always handled by the NP Processor
    B. The initial packets go to the NP Processor, where a decision is taken on if the session can be offloaded or not.
    C. Packets for a session termination are always handled by the CPU.
    D. The initial packets go to the CPU, where a decision is taken on if the session can be offloaded or not.

  • Question 202:

    When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit.

    Which of the following statements is correct regarding this entry?

    A. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule.
    B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature. This client is banned from receiving or sending any traffic through the FortiGate.
    C. The entry displays a quarantine, which could have been added by either IPS or DLP.
    D. This entry displays a ban entry that was added manually by the administrator on June11th.

  • Question 203:

    What IPv6 extension header can be used to provide encryption and data confidentiality?

    A. Mobility
    B. ESP
    C. Authentication
    D. Destination options

  • Question 204:

    Which of the following statements are correct concerning layer 2 broadcast domains in transparent mode VDOMs?(Choose two)

    A. The whole VDOM is a single broadcast domain even when multiple VLAN are used.
    B. Each VLAN is a separate broadcast domain.
    C. Interfaces configured with the same VLAN ID can belong to different broadcast domains.
    D. All the interfaces in the same broadcast domain must use the same VLAN ID.

  • Question 205:

    Which of the following must be configured on a FortiGate unit to redirect content requests to remote web cache servers?

    A. WCCP must be enabled on the interface facing the Web cache.
    B. You must enabled explicit Web-proxy on the incoming interface.
    C. WCCP must be enabled as a global setting on the FortiGate unit.
    D. WCCP must be enabled on all interfaces on the FortiGate unit through which HTTP traffic is passing.

  • Question 206:

    Which statements about DNS filter profiles are true? (Choose two.)

    A. They can inspect HTTP traffic.
    B. They must be applied in firewall policies with SSL inspection enabled.
    C. They can block DNS request to known botnet command and control servers.
    D. They can redirect blocked requests to a specific portal.

  • Question 207:

    Which of the following statements describes the objectives of the gratuitous ARP packets sent by an HA cluster?

    A. To synchronize the ARp tables in all the FortiGate Unis that are part of the HA cluster.
    B. To notify the network switches that a new HA master unit has been elected.
    C. To notify the master unit that the slave devices are still up and alive.
    D. To notify the master unit about the physical MAC addresses of the slave units.

  • Question 208:

    Which statements regarding banned words are correct? (Choose two.)

    A. Content is automatically blocked if a single instance of a banned word appears.
    B. The FortiGate updates banned words on a periodic basis.
    C. The FortiGate can scan web pages and email messages for instances of banned words.
    D. Banned words can be expressed as simple text, wildcards and regular expressions.

  • Question 209:

    Which statements are true regarding traffic shaping that is applied in an application sensor, and associated with a firewall policy? (Choose two.)

    A. Shared traffic shaping cannot be used.
    B. Only traffic matching the application control signature is shaped.
    C. Can limit the bandwidth usage of heavy traffic applications.
    D. Per-IP traffic shaping cannot be used.

  • Question 210:

    What configuration objects are automatically added when using the FortiGate's FortiClient VPN Configurations Wizard?(Choose two)

    A. Static route
    B. Phase 1
    C. Users group
    D. Phase 2

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.